Intrusion detection system

System to detect unauthorised attempts to access a system or network

An intrusion detection system is any system designed to detect intrusions, or unauthorised attempts to access, change or in any way manipulate a computer system or network.

Such systems can be network-based (NIDS), sitting at the network edge monitoring all traffic reaching or leaving the network and looking out for irregular activity - a well-known example of a NIDS system is Snort. They can also focus on individual protocols or applications, for example running on a web or application server and monitoring traffic passing through a particular port or protocol, or communications to a particular piece of server software.

Intrusion detection can also run on an individual host, covering the whole system and watching all activity for signs of intrusion, illegal modification or data leakage. Such a system is known as a host-based intrusion detection system, or HIDS.

Poll

Should anti-virus software be free for personal use?
Yes
No
I don't know

Leave a comment
View 43 comments
Jobs Career Sidebar

VB100 certification

VB100 VB's testing team put 24 anti-malware products to the test on the server version of Microsoft's latest iteration of the Windows platform: Windows Server 2008. John Hawes has all the details on which products managed to secure a VB100 award and which need have a little more work to do.
See full results.
Virus Bulletin currently has 144,127 registered users.